MSSP - Managed Security Service Provider

eurest

Eurest is a premier provider of catering services for businesses, schools, and hospitals. As part of the Compass Group, the world’s largest contract food service company, Eurest operates in 45 countries, employing over 600,000 people and serving 5.5 billion meals annually. With a strong presence in both public and private sectors, Eurest relies on technology-driven solutions to manage its large-scale operations efficiently.

https://www.eurest.pt/

Executive Summary

Eurest, a global leader in contract catering services, required a robust cloud security framework to safeguard its vast network of restaurant and food service operations. Facing challenges in threat detection, compliance enforcement, and data protection, Eurest partnered with Magic Beans to implement a comprehensive AWS Managed Security Service Provider (MSSP) solution. By leveraging AWS Security Hub, GuardDuty, Inspector, Systems Manager, WAF, and KMS, Eurest achieved enhanced security visibility, proactive threat mitigation, and compliance adherence while ensuring seamless operations across its cloud infrastructure.

Customer Challenge

As Eurest expanded its cloud-based infrastructure to support global operations, it faced multiple security challenges:

  • Lack of centralized security monitoring across AWS workloads, leading to gaps in threat detection.
  • Need for real-time threat intelligence and response to prevent potential cyberattacks.
  • Compliance enforcement with internal security policies and industry regulations.
  • Data encryption and access control requirements to protect sensitive customer and financial information.
  • Web application security risks, including protection against SQL injection and distributed denial-of-service (DDoS) attacks.

Without addressing these issues, Eurest faced risks such as data breaches, operational disruptions, and regulatory non-compliance, which could significantly impact business continuity and customer trust.

Partner Solution

To enhance Eurest’s cloud security posture, Magic Beans deployed the following AWS security services:

  1. AWS Security Hub – Provided centralized visibility into security alerts and compliance status across AWS accounts.
  2. Amazon GuardDuty – Enabled continuous monitoring for threats such as anomalous API calls and unauthorized access.
  3. AWS Inspector – Automated vulnerability management, identifying and prioritizing security risks.
  4. AWS Systems Manager – Simplified compliance enforcement through centralized patch management and logging.
  5. AWS Web Application Firewall (WAF) – Protected Eurest’s online services from common web exploits.
  6. AWS Key Management Service (KMS) – Secured sensitive data using AWS-managed encryption keys.

Managed Security Services Delivered

Magic Beans operates managed security services activities that integrates seamlessly with Eurest’s cloud environment.

Core MSSP Activities:

  • Continuous Threat Monitoring: Review all findings from GuardDuty and Inspector with alerting.
  • Incident Response & Escalation:
    • Tier 1: Alerts triaged automatically using enrichment playbooks.
    • Tier 2: Analyst validation, context enrichment, and investigation.
    • Tier 3: Incident escalation to Eurest's IT team for joint remediation.
  • Automated Remediation: GuardDuty alerts trigger predefined Lambda responses for immediate containment.
  • Patch & Compliance Management: AWS Systems Manager enforces patch baselines and logs results.
  • Security Advisory Services: Ongoing consulting to improve IAM policies, WAF rule sets, and encryption strategies.

 

Security Governance & Compliance

Magic Beans established a formal Security Governance Framework with the following components:

  • Compliance Reporting: Automated dashboards detail alignment with Security Standards, PCI, and CIS benchmarks.
  • Security Reviews: Strategic sessions with Eurest’s security leadership to track progress, adjust SLAs, and refine priorities.
  • Change Control Procedures: All critical changes to WAF, IAM, and SSM patch baselines follow an approval workflow.
  • KPI-Driven Risk Management: Security posture is measured and optimized across performance metrics tracked monthly

 

Architectural Design

Architecture Diagram

Results and Benefits

As a result of the Magic Beans Managed Security Services, Eurest was able to achieve:

  • Improved Security Posture: Reduced security incidents through real-time monitoring and proactive threat detection.
  • Faster Threat Response: Automated security alerts decreased response times, minimizing potential breaches.
  • Enhanced Compliance: AWS Systems Manager and Security Hub streamlined compliance reporting, ensuring adherence to ISO 27001 and GDPR standards.
  • Data Protection Assurance: AWS KMS encryption ensured sensitive customer and financial data remained secure.
  • Web Application Security: AWS WAF blocked and prevented potential attacks.

Outcomes & Metrics

MetricOutcome
Mean Time to Detect (MTTD)Reduced to 4 minutes through continuous GuardDuty and Security Hub monitoring
Mean Time to Respond (MTTR)Achieved under 15 minutes for critical incidents
Vulnerability Remediation TimeReduced by 65% using automated Inspector scans and Systems Manager patching
Compliance CoverageAchieved 80% CIS compliance within the first 90 days
WAF Block EventsBlocked over 500 malicious requests/day, including botnet traffic and injection attempts
Audit Preparation TimeReduced by 70% due to automated Security Hub and SSM compliance reports

 

Ready to get started?

To learn more about how AWS and Magic Beans can help your business, contact us at team@magicbeans.pt

Portugal:

Lisboa
Rua Dr. António Cândido, 10 - 1º Andar
1050-076, Lisboa

Porto
Avenida de França, n.º 20, sala 507
4050-275, Porto

Óbidos
Parque Tecnológico de Óbidos, Edifícios Centrais, Rua da Criatividade
2510-216, Óbidos

Country Phone:
(+351) 308 814 821
Country Email:
team@magicbeans.pt

 
Netherlands:

Amsterdam
Weteringschans 165 C
1017 XD, Amsterdam

Country Email:
team@magicbeans.nl

Spain:

Barcelona
Ronda de Sant Pere, 16, Bajos
08010, Barcelona

Madrid
Paseo de la Habana, 9-11, Bajos
28036, Madrid

Country Phone:
(+34) 609 129 074
Country Email:
info@magicbeans.es

 
Belgium:

Brussels
Avenue Louise 54
Ixelles, 1050, Belgium

Country Email:
team@magicbeans.be

 

Italy:

Trieste
Riva Tommaso Gulli 12
34123 (TS)

Country Email:
info@magicbeans.it

© Copyright - | magic beans | All Rights Reserved | Powered by: valkirias